Redirect Users to Custom Pages by Role

WordPress is being used more and more as a web application framework. With that use case comes a bunch of extra circumstances that WordPress doesn't cover. Do you really want your application users to see the WordPress admin?

In my web application development experience, the answer to that question is usually "no."

Today I'm going to teach you how to redirect a user based on their role to a custom page in WordPress.

Getting Set Up

Let's start this by building a plugin. You want this in a plugin because it's likely you'll change your theme design and still want the redirect functionality. Any functionality that you want to live past the current theme design should be in a plugin.

Create a new plugin folder in your wp-content/plugins directory called 'cm-redirect-by-role' and add a file called cm-redirect-by-role.php. To that file we're going to add the basic WordPress plugin header seen below.

<?php
/*
Plugin Name: Redirect Users by Role
Plugin URI:
Description: Redirects users based on their role
Version: 1.0
Author: SFNdesign, Curtis McHale
Author URI: http://sfndesign.ca
License: GPLv2 or later
*/
/*
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
// TODO ?>

Now that you have a plugin started let's take a look at how user login works.

User Login Flow

The default spot that a user can log in to your WordPress site is via http://yoursite.com/wp-login.php. When you log in to a site from that location the site sends you to the WordPress admin dashboard.

That means that the WordPress admin is starting up and you need to use an admin action to catch the user. I always hook the admin_init action since it runs late enough that you have access to user data but not so late that the user will see anything on the dashboard.

Using the admin_init action means that even if they are already logged in and try to access the WordPress admin they will still get redirected.

Now let's take a look at the code we are going to use. For our example we'll assume that we want to redirect all subscribers but this will work with any standard or custom role in WordPress.

We start this process by getting our current user object with wp_get_current_user(). Out of that we get our role name and assign it to the $role_name variable.

Then we check if $role_name matches with the role we want to redirect. If it does we use wp_redirect to send the user to our location of choice.

While this will work we still have one more piece to add.

Making It AJAX safe

When making AJAX calls in WordPress you should always call the WordPress AJAX routing file which is inside the WordPress admin. If we leave our code as it is any AJAX call made by our matching roles will fail since it will meet our conditional and be redirected.

To fix that we need to check if we are currently doing an AJAX call and if so skip the role check.